Keeping your server secure is very important if you want to run a web site. And as your web site becomes bigger and more popular, maintaining its security becomes both harder and more important. This is why you must learn certain rules to make sure that everything is kept up to par and that the black hat hackers who are out there do not have a way in.
The type of server that you use determines whether you have to worry about being infiltrated by hackers or not. While all servers are susceptible to being attacked, dealing with infiltration is not always the responsibility of the person who created the web site. For example, if you have a managed hosting platform, the provider you rent the server from is responsible for most of the security that comes with hosting a web site. While you may be responsible for any of the software that you put on the machine, they are responsible for the machine and the operating system itself. If you are on a normal hosting solution the same rules apply as well.
But more and more, people who run web sites want to control both the front and the back end of the site. They want to be able to run certain technologies and have them set up the way they want. And the only way that they can do this is by having full control of the server. So the solution to this problem is to either have an unmanaged dedicated server or run an instance of a VPS solution. An unmanaged dedicated server is one that you run and have almost total control over. You are pretty much just renting a server box and everything is up to you. That includes the choice of operating system and the security that goes with it. In many respects a VPS is similar.
What is a VPS?
The letters VPS stand for Virtual Private Server. What this means is that you are running a server which is actually hosted on another computer, but the software makes it seem like the computer is all by itself. You run a full operating system just as if it was on a dedicated machine, but in reality it sits right next to other VPS instances on the same machine. If you want the dedicated server feel but without the dedicated server price then a VPS solution is a very good one. But you have to remember that even though it is a virtual server, black hat hackers can attack it just like a normal server. So you must run the same protection software that you would on a real machine.
Protecting your VPS
There are a couple of things that you want to make sure are set up before you make the server public. Right now I am only talking about Linux-based VPS instances. While most of the rules that I am about to state can be used for Windows-based servers as well, some of them cannot. So to keep confusion down to a minimum, just remember that I am talking about Linux servers.
First of all, you must remember not to use root access to make changes on your server. If you are using Ubuntu then you can use su; on other Linux-based systems it would be sudo. Some people take off the root access to the server entirely, but that is up to you. After that, make sure that all the folders that are not supposed to be shown to the public are not. Sometimes people will accidentally make a folder visible to the public, which makes them vulnerable. The only folder that should be shown is the one with your web site in it.
If you can get it set up, make sure that you are running some sort of firewall on the machine. A firewall will allow you to keep all of your ports guarded. Open ports are the main way that hackers are able to get in, so you want to avoid that if possible. A popular firewall solution on Linux is iptables. And last but not least, you want to make sure that all of the software, which includes the operating system itself, is upgraded. This will allow you to have any security upgrades that are needed.
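One way to check the firewall advice above on a Linux VPS, as an added example that is not part of the original article: the script reads the output of `iptables -S` and reports a default INPUT policy other than DROP, an accept-everything rule, and any accepted port outside an allowlist. The allowlist (22, 80, 443), the function names and both sample rulesets are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original article): audit `iptables -S` output.
# ALLOWED_PORTS is an assumption: SSH plus a web site on ports 80 and 443.
ALLOWED_PORTS="22 80 443"

# Reads `iptables -S` text on stdin and prints one finding per line.
# No output means INPUT drops by default and accepts only allowed ports.
audit_input_chain() {
    awk -v allowed="$ALLOWED_PORTS" '
        BEGIN { n = split(allowed, a, " ")
                for (i = 1; i <= n; i++) ok[a[i]] = 1
                policy = "MISSING" }
        $1 == "-P" && $2 == "INPUT" { policy = $3 }
        $1 == "-A" && $2 == "INPUT" {
            ports = ""; target = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (target != "ACCEPT") next
            if (NF == 4) print "ACCEPT_ALL"   # rule with no match conditions
            m = split(ports, p, ",")
            for (k = 1; k <= m; k++)
                if (!(p[k] in ok)) print "UNEXPECTED_PORT " p[k]
        }
        END { if (policy != "DROP") print "DEFAULT_POLICY " policy }
    '
}

# Constructed sample: default-accept policy with a database port left open.
weak_rules() {
    printf '%s\n' '-P INPUT ACCEPT' '-P FORWARD ACCEPT' '-P OUTPUT ACCEPT' \
        '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT' \
        '-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT'
}

# Constructed sample: default-drop policy that opens only SSH and the web site.
hardened_rules() {
    printf '%s\n' '-P INPUT DROP' '-P FORWARD DROP' '-P OUTPUT ACCEPT' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' \
        '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT' \
        '-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT'
}

echo "weak ruleset findings:";     weak_rules | audit_input_chain
echo "hardened ruleset findings:"; hardened_rules | audit_input_chain
```

On a real server, pipe the live ruleset in instead of the samples: `iptables -S | audit_input_chain`, run with root privileges.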
If you want a server that has the power and flexibility of a dedicated server but not the price then you might want to look into having a VPS. As long as you maintain the security of the server you will find that it is a very reasonable solution.